<h1>Neuigkeiten</h1>

<?php

if(isset($_GET["action"]) && $_GET["action"] == "del") {
 if(has_permission(PERM_WRITE_NEWS)) {
  db_query("DELETE FROM news WHERE id = ".secure_mysql_int($_GET["news_id"])." LIMIT 1");
 }
}

$r = db_query("SELECT * FROM news ORDER BY id DESC");
while(($v = mysql_fetch_array($r)) != NULL) {
 $show_entry = 0;
 if($v["flags"] & FLAG_RELEASED) $show_entry = 1;
 
 if(has_permission(PERM_WRITE_NEWS) && $_SESSION["user"] == $v["author"]) {
  $buttons = "<span class='small_button'><a href='index.php?filter=new&amp;news_id=".$v["id"]."'><img src='images/edit.png'>&nbsp;Bearbeiten</a></span>&nbsp;";
  $buttons .="<span class='small_button'><a href='#' onclick='delete_news(".$v["id"].");'><img src='images/editdelete.png'>&nbsp;L&ouml;schen</a></span>";
  $show_entry = 1;
 } else {
  $buttons = "";
 }
 
 if(!$show_entry) continue;
 
 echo "
 <table class='news_table'>
  <tr>
   <td class='news_date'>
    ".calendar($v["date"])."
   </td>
   <td>
    <table class='news_subject_table'>
     <tr class='news_subject'>
      <td class='news_subject'>".(($v["flags"] & FLAG_RELEASED) ? "" : "<span class='entwurf'>Entwurf</span> ").$v["subject"]."</td>
      <td class='news_buttons'>".($buttons)."</td>
     </tr>
     <tr>
      <td class='news_author'>".$v["author"]."</td>
      <td class='news_author'>Ver&ouml;ffentlicht&nbsp;um&nbsp;".date("H:i", $v["date"])."</td>
     </tr>
    </table>
   </td>
  </tr>
  
  <tr><td colspan='2'>&nbsp;</td></tr>
  
  <tr>
   <td colspan='2' class='news_text'>".$v["text"]."</td>
  </tr>
 
 </table>
 ";
}


?>
